linux system administration - Chapter 1 Installation redhat7.2 initialization settings to use
1 Overview
After the Linux installation is complete, you need to do the initial setup, improve system security, stability, and availability.
systemctl is RedHatLinux7 service management tools, is responsible for control systemd system and service manager, before it blends service and chekconfig functions in one, you can use it permanently or only sessions enable / disable in the current service.
-
- Modify the hostname
1.1.1 View hostname
[root@xuegod63 ~]#hostname
localhost.localdomain
1.1.2 modify the hostname
RHEL6:/etc/sysconfig/network
RHEL7:/etc/hostname
hostname is a parameter linux system kernel, which is stored in the / proc / sys / kernel / hostname, but its value is read Linux boot from rc.sysinit
In theory / etc / sysconfig / network hostname configuration file is modified after the required restart, the system reads the hostname from the kernel at the time of restart.
1.1.3 does not restart to take effect
Command to take effect
[root@localhost ~]# sysctl kernel.hostname=jsmongodb
How to make changes take effect immediately without rebooting
Jsmongodb
1.2 set the card, manually set a static address
1.2.1 IP Configuration
NIC configuration file
RHEL6: /etc/sysconfig/network-scripts/ifcfg-eth0
RHEL7: /etc/sysconfig/network-scripts/ifcfg-eno16777736
Configuring IP
Rhel6 Network Configuration
Static settings
vi / etc / sysconfig / network-scripts / ifcfg-eth0 # edit the configuration file, add the following modification
DEVICE = eth0 network card name
BOOTPROTO = static # Enable static IP address
TYPE=Ethernet
UUID="a106d20f-65c2-4f17-a1a5-7311094fca7b"
ONBOOT = yes # Fi enabled automatically open
IPADDR = 192.168.1.63 # Set the IP address
NETMASK = 255.255.255.0 # Set the subnet mask
GATEWAY = 192.168.1.1 # Set Gateway
DNS1 = 8.8.8.8 # Set the primary DNS
DNS2 = 8.8.4.4 # Set DNS prepared
:! Wq # save and exit
Restart the network connection service networkrestart #
Dynamic network settings:
DEVICE=eth0
BOOTPROTO=dhcp
TYPE=Ethernet
HWADDR = a106d20f-65c2-4f17-a1a5-7311094fca7b (NIC mac address, do not change)
ONBOOT = yes (post launch)
1.3 turn off the firewall settings
1.3.1 View firewall settings
[root@jsmongodb ~]# systemctl status firewalld.service
Active: active (running) since 一 2019-03-11 19:34:45 CST; 29min ago
1.3.2 Operation Firewall
Check firewall status.
systemctl status firewalld
Temporarily turn off the firewall command. After rebooting the computer, automatic firewall up.
systemctl stop firewalld
Permanently turn off the firewall command. After the restart, the firewall will not start automatically.
systemctl disable firewalld
Open firewall command.
systemctl enable firewalld
1.4 Operating SELIUX
1.4.1. View the current status of SELinux
[root@bogon ~]# getenforce
Enforcing
1.4.2. Close SElinux
[root@bogon ~]# setenforce 0
[root@bogon ~]# getenforce
Permissive
1.4.3. Editing configuration files permanently closed
[root@bogon ~]#
vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX = permissive # modify this parameter
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
1.5 disk processing
1.5.1 View the newly added disk information
[root@jsmongodb ~]# ll /dev/sd*
brw-rw ---- 1 root disk 8, 0 3 月 12 2019 / dev / sda
brw-rw---- 1 root disk 8, 1 3月 12 2019 /dev/sda1
brw-rw---- 1 root disk 8, 2 3月 12 2019 /dev/sda2
brw-rw---- 1 root disk 8, 16 3月 12 2019 /dev/sdb
brw-rw---- 1 root disk 8, 32 3月 12 2019 /dev/sdc
[root@jsmongodb ~]# fdisk -l /dev/sdb
1.5.2 Dealing with disk
[root@jsmongodb ~]# fdisk /dev/sdb
Command (input m to get help): m
Command Operation
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
g create a new empty GPT partition table
G create an IRIX (SGI) partition table
l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition's system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)
Command (input m to get help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1): 1
Starting sector (2048-167772159 defaults to 2048):
We will use the default value 2048
Last sector, sector + or + size {K, M, G} (2048-167772159, default 167772159):
We will use the default value 167 772 159
Partition 1 is set to Linux type, size to 80 GiB
Command (input m to get help): p
Disk /dev/sdb:85.9 GB, 85899345920 bytes, sectors 167 772 160
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical / physical): 512 byte / 512 byte
I / O Size (minimal / optimal): 512 byte / 512 byte
Disk Label Type: dos
Disk identifier: 0xc761dc5b
设备 Boot Start End Blocks Id System
/dev/sdb1 2048 167772159 83885056 83 Linux
Command (input m to get help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
1.5.3 format the disk and disk pending
[root@jsmongodb ~]# mkfs.xfs /dev/sdb1
[root@jsmongodb ~]# mkdir /app
Modify / etc / fstab file to achieve power automatically mount
[root@jsmongodb ~]# vim /etc/fstab
/dev/sdb1 /app xfs defaults 0 0
[root@jsmongodb ~]# df -h
File system capacity has been available with a mount point%
/dev/mapper/rhel-root 50G 2.9G 48G 6% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 88K 1.9G 1% /dev/shm
tmpfs 1.9G 9.0M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda1 497M 157M 340M 32% /boot
/dev/mapper/rhel-home 26G 36M 26G 1% /home
tmpfs 378M 4.0K 378M 1% /run/user/42
tmpfs 378M 12K 378M 1% /run/user/0
[root@jsmongodb ~]# mount -a
[root@jsmongodb ~]# df -h
File system capacity has been available with a mount point%
/dev/mapper/rhel-root 50G 2.9G 48G 6% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 88K 1.9G 1% /dev/shm
tmpfs 1.9G 9.0M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda1 497M 157M 340M 32% /boot
/dev/mapper/rhel-home 26G 36M 26G 1% /home
tmpfs 378M 4.0K 378M 1% /run/user/42
tmpfs 378M 12K 378M 1% /run/user/0
/dev/sr0 3.8G 3.8G 0 100% /run/media/root/RHEL-7.2 Server.x86_64
/dev/sdb1 80G 33M 80G 1% /app
1.6 RHEL7 local YUM source configuration
1.6.1 copy CD files
[root@jsmongodb ~]# cp -rpv /run/media/root/RHEL-7.2\ Server.x86_64/* /app/rhel7.2yum/
1.6.2 modify the configuration file
[root@jsmongodb ~]# cd /etc/yum.repos.d/
[root@jsmongodb yum.repos.d]# touch rhel7.repo
[root@jsmongodb yum.repos.d]# vim rhel7.repo
rhel7.repo document reads as follows
[Name] # name in brackets for the warehouse source name, usually letters and numbers must be filled
name = my new repo # description of yum, you can not write write
baseurl = file: /// mnt / cdrom #baseurl path statement expressed rpm package yum to manage and use, you must fill in
enabled = 1 #enabled represents the current warehouse is turned on, 1 is on, 0 is off, this is not written on by default
gpgcheck = 0 #gpgcheck rpm installation package, said public and private key based on whether the packet matches the security information, 1 denotes open,
1.6.3 check whether the local yum source configured successfully
Clear cache yum yum clean all
yum makecache local cache source yum
yum list test
Local yum source configuration successful! ! !
